Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Yes, all cool... Until they are hacked by a random foreign nation that'll have detailed information about all US soldiers.

I still don't see why they made the switch from stone tablets to paper. Used to be it took 5 guys to haul away one mans medical records, now 1!!! man can come in an make off with literally hundreds if not thousands of files!!!!

I don't give a damn if they stream my colonoscopy video on Redtube or if Slashdot uses my hernia scar for a background.

On your medical records there is your SSN, DOB, Name, and Address - everything one needs to open a line of credit in your name and fund their terrorist attack on the US with a bunch of Visa, MC, Amex and Home Depot cards.

Then, the DOJ kicks your door down, slams you to the ground, puts a black bag over your head and cuffs you and then sends you to Syria or Turkey were you will be anally raped with a barbed wire covered cricket bat until you admit to masterminding the 9/11 attacks, the assassinations of JFK,

"Then, the DOJ kicks your door down, slams you to the ground, puts a black bag over your head and cuffs you and then sends you to Syria or Turkey were you will be anally raped with a barbed wire covered cricket bat until you admit to masterminding the 9/11 attacks, the assassinations of JFK, MLK, President Lincoln, and being Osama Bin Landen's homosexual lover."

No, they don't. My real background is easy to verify with many military witnesses past and current. I'd have to flag everything with "IDENTITY THEFT

If my identity gets swiped I'll have a new hobby of telling the world to double-check anything purportedly done in my name. Shit happens, brace for it.

What you are demonstrating is the natural human tendency to not see past the end of your own nose. You, like most people, are unimportant, by far your biggest risk is getting caught up in some wholesale data theft and then dealing with the relatively minor personal fallout.

But focusing on the privacy of the average Joe in this way obscures the deeper threat. It is what happens when an average joe becomes important that the real risks to society come into play. Take, for example, an up-and-coming politici

I'm on disability. I cheerfully bring my records to any employer. I have done so to verify work limitations.

I'm not, but my hearing loss is service connected. (0%, but still better than nothing.) Not only does it mean that my hearing aids and batteries are free, it makes it almost impossible for a potential employer to use it as an excuse not to hire me because I can fill three different quotas for him: people over 60, vets and people with a disability.

That 0% is fair because it's derived in an objective and neutral manner. There's a chart of hearing loss where you take the column that matches the loss in the worse ear and the row for the better ear and where they cross is your award. That way, you don't have people in different places getting different awards for the same condition.

Yes, all cool... Until they are hacked by a random foreign nation that'll have detailed information about all US soldiers.

What are they going to do with the medical records of over a million soldiers? It's not like they can discover some sort of massive "death star ventillation"-style weakness in the entire army using medical records.

Let's see, we add this "100% electronic" to a previous article by VA saying that VA and DoD electronic medical records have been combined, and add the two-three years ago VA hack that pulled all the records of a couple hundred thousand vets, and get "yeah, this will turn out well"

just some dirty liberals trying to take credit for something under Obama

If anyone knows of a liberal in the Obama administration, please let me know because I'd like to make contact with him, since he's (or she's) probably really lonely.

On second thought, if there is a liberal in the Obama administration, you better keep the name quiet, or Fox News and Glenn Beck will start a jihad to get that person sacked for having once called Republicans assholes in 2003.

I would love to have all my records. Could store them all on a 4 GB keychain drive. Would be better if the health system had a public key to access the data (which would be encrypted). They could share that public key around. I'd have some way to update my private key in case they got hacked.

One of my acquaintance's fathers worked for a NJ town - a rather small one. They had a pilot program going where every ambulance would have a laptop on it, and almost everyone in the city had a thumb drive with their medical info on it in an open format. Never really took off sadly.

Health records have been held in electronic form for YEARS in the UK. Lloyd George envelopes are so 1980's The only difference is that they are held locally (at the surgery or in a data centre) and only accessible to that practice. What you are talking about are the various national shared record initiatives where a sub-set of the record is sent to a central location and can be accessed by other care providers.(e.g A&E staff).

In England if patient dissents from the programme (by having an appropriate

Scares? Those sound like legit concerns to me. The last thing you need is to MRI someone with a metal plate in their head, or to give pennicilin to someone with an allergy. While there needs to be strict criminal liability for providing non-emergency access without permission, sticking with paper records is asinine.

If by "scares" you mean manufactured, misleading hyperbole, you're wrong. There are tens of thousands of adverse drug interactions annually in the UK (and more in the USA). Many of these are avoidable (they're not just drug-drug interactions, adverse drug-condition or drug-{age,procedure} interactions occur too) and key to avoiding this is delivering timely, accurate information to your healthcare providers.

Keeping yourself off the relevant clinical databases is a choice and a compromise of risks; on the one hand the risk that your data will be leaked and on the other hand that your choice to equip your clinicians with less information will cause you to get less effective treatment in the future.

In some senses this is a balancing of benefits to do different people; first, your healthy, vigorous, young self. Second, your elderly, sick, incapacitated self. The latter cares most about the privacy angle but I'm pretty sure the latter cares most about the quality of care. But it would too late for the elderly you to benefit their treatment by reversing the decision made by their younger self.

If you've ever dealt with a hospital, you'll know that everything NHS cites is true. I've sat with patients and had doctors and nurses come in and ask ME questions about medications, reactions, etc. Or in a few cases I've had to point out that "Doctor so & so was just in here and ordered this 5 minutes ago, are you sure you want to ALSO order that same thing and give the patient a double dose?".

I don't know if the current electronic records system is actually an improvement, but they need to do someth

The DoD MHS (military health system) already has an EMR in place called AHLTA (previously known as CHCS-2). TFA just talks about a new vendor product (from CliniComp) that's being installed in about 50 hospitals, whereas MHS has more than 100 hospitals all running AHLTA already, along with a few other EMR systems. Bad reporting from InformationWeek, it almost reads like an advertisement.

I had thought I'd read something about the military hospitals using HL7 and digital records for many years back when Microsoft called Windows Vista. There's some software called Vista that's used in military hospitals or something like that and the military hospitals have been using electronic records for a long time. No surprise TFA was more of a PR stunt since it seems that's what lots of "news" is these days, paid advertising.

Right now a lot of medical transcription work is sent overseas to take advantage of low cost out sourcing. A few years ago a woman in Pakistan threatened to publish medical records [sfgate.com] from UCSF Medical Center on the internet unless she was paid a bit more.

While it's always possible that external intruders could get by the network security, the EHR's security, and figure out how to access and make sense of the proprietary data in the systems, the biggest threat is from people on the inside.

Actually, they do...
HIPAA requires the doctors/Hospital/clinics to have the patients authorization to send medical records to insurance (if requested), and other doctors as long as you signed a release form for that specific doctor.
Oh, and you have to sign a new one every year.
You ever read that stuff you sign at the doctors?

In fact they do not have to have that permission. There is a (truck wide) hole in the law that allows disclosure for treatment or business purposes. Both of your examples would fall under this exception.

For instance: "Law Enforcement Purposes. Covered entities may disclose protected health information to law enforcement officials for law enforcement purposes under the following six circumstances, and subject to specified conditions: (1) as requ

What about privacy? The patient of course has no control over where that record goes...

Clinical data lives on multiple systems regardless of a patient's authorization to release the information to payers and other third parties. A hospital may have several clinical information systems located at third party data centers and the folks supporting of those systems may be located anywhere around the world... same goes for the folks supporting the hardware that is running the software. Theft or misuse of cli

I'm a long-term unemployed 'Nam vet and I get all of my medical care from the VA. Because I have (effectively) no income, there's no copay. That means, I get the nine different pills I take for free, along with the test strips for my blood sugar (I'm Type II) and the insulin I've been on for about a year for free. And, I recently got my cataracts removed at no charge. Not only that, as my hearing loss is service connected, my hearing aids and batteries are free. Yes, when I was working and could afford

I work in Biomedical Science, and see first hand the importance of accurate patient information. Not just for the obvious emergency where its important to know an unconscious person is a diabetic, or for doctors to know allergies etc.It is also important to know what diseases are prevalant in population, what diseases need management, where resources are needed etc. These are things that are very difficult to do at the moment because of the lack of centralised up-to-date information. A national study needs to be compiled from data from different states, countries, small departments within systems within states...its a nightmare! It could be so much better if we availed of the technology available today.

People are worried about their privacy, but from whom exactly? Who does the common guy on the street fear with their information? Surely it is a good thing your attending doctor has your history? And nobody else is allowed access. And nobody else cares! What about celebrities? Fine, have an opt out. Easy.

People are going to get into a frenzy about privacy, politicians are going to tip-toe around the issue for fear of public outrage over privacy, pathetic journalists are going to stir up peoples fears, and lives are going to be lost. Privacy is fundamental to the system, and needs to be designed in, but the benefits (lives saved) are too great to ignore.

Bravo. There are public health implications to sharing medical data that so clearly outweigh privacy concerns. The difference is a factor of possibly a million lives saved by collecting, sharing, and analyzing medical data versus embarrassing moments and unfair prejudice when data is mishandled (unfair prejudice sucks but it can be and is dealt with by methods other than privacy).

Here's a thought experiment: Imagine an opt-in system that eventually allows a huge meta-analysis of data that discovers the caus

My main fear about EHRs is mainly the centralized nature of it. Centralized databases are rarely necessary and never good, but seem to be the fantasy of every bureaucracy. I would like my EHR to be electronic, but to carry it on my phone, or in an implanted chip or something. I would like it to be illegal to store even one iota of it in a medical system that spans more than 24 hours. I want to have the power to erase it absolutely and at any time without permission from anybody. When you need to know

Centralized databases are rarely necessary and never good, but seem to be the fantasy of every bureaucracy.

Last year I spent five days in the VA hospital in West LA with a blood disorder: ITP. About a week after I got out, I went to a convention on the East Coast. Before going, I made sure I knew where the nearest VA facility was, Just In Case. As it happens, I had no need to visit them but if I had, they would have had access to all of my pertinent medical records simply by calling them up on their com

Yes, I could have carried a copy of my paper records, but which would you rather depend on in that type of emergency: remembering to carry a file to the doctor or having them instantly available?

That's why I said I would like my EHR to be electronic, but rather than stored centrally, carried on my person, in a way that I'm unlikely to ever forget (phone, implanted chip, etc.).

As a counter point - suppose you did have an emergency and didn't end up at a VA facility but instead at a generic hospital somewhere? If your records were on your phone then they could get them whereas with the VA they might not. I could imagine NFC being a useful technology here - your records are in your phone and you mer

As a counter point - suppose you did have an emergency and didn't end up at a VA facility but instead at a generic hospital somewhere?

Well, I don't have, and can't afford that type of phone, but I guess I could put them on a flash drive if needed. However, in this case, the most likely thing would be that I'd see signs that the ITP were coming back and take either a bus or taxi to the nearest VA because the condition's not one to dump you in a random ER without warning. (Basically, it's caused by a low p

While I haven't worked with a full EHR system yet, I have worked with a number of PACS systems (digital X-ray/imaging display). I've used several from different manufacturers, and every single one has had usability problems so severe that I regard the systems as unacceptable (the hospital administrators disagree).

For example in the UK, where the government mandated PACS and other electornic systems by a certain date, there was so much usability concern, that a small pressure group of medical imaging staff e

I have no idea how expensive it is - I'm guessing that if you have to ask, you can't afford it - but Philips has a system called iSite that is a wonderful PACS. Much better than any other one I've used.

Five years ago I had the opportunity to experience the military hospital system when I broke several bones. The entirety of the treatment program (about a dozen doctor visits plus about thirty physical therapy visits) resulted in only a dozen pages of scribbles (~10 words to each page) from the doctor visits plus the intake paperwork (~4 pages). There were no records of the physical therapy sessions (PS: The VA has refused to cover the injury citing a lack of documentation!)

IMHO, the reason it's in all military hospitals is because when an order is given, it is obeyed promptly. In the civilian world, it's more like "Yeah, we'll get to it eventually but we're going to need a lot more funding and people and equipment and time off and perks and...."

CHCS and AHLTA are on the slower side. CHCS has an interface similiar to DOS. A big problem with both of them is that they require you to do the same thing over and over for simple tasks. They started rolling out essentris when I worked at labor and delivery, gotta say it was one of the fastest and most user friendly apps but best of all it pools information from one sheet to another which saves time. Also more secure for the fact that it requires you to log in each time you edit a note or add information,

In the private system, I saw my doctor, who never looked in my eyes since she was too busy looking in a laptop. No paper chart at the exam just the laptop with info dating from the start of the new electronic system.

Went to a specialist (on of the most respected in his field). Staring in a laptop he bluffed his way through the $200 exam and told me he could not have performed the surgery in 2005 it had to be 2007. All of this is in the paper chart, which he could understand because he MADE IT HIS WAY.

Last time I looked into this it seemed like CCR (continuity of care record) was becoming the document standard for these records but the VA already had a system that did not use that document format. Has the industry / government settled on a document standard for (textual) medical records yet?

Good question. I work with several EMR vendors and they all side with CCD instead of CCR. Truth be told, there will never be the one true format. My company will have to support CCD, CCR, HL7v2, and lord knows how many proprietary formats for the foreseeable future.

What we do is just store every piece of medical information as discrete, granular data and when pulling from the data storage we assemble it into a self-designed proprietary intermediate format and from there it is sent to a target-specific expor

Most of you don't know how EHR's work, by the way you are talking about them. I work for one of the top EHR companies and know that these aren't as insecure as you all think. The data isn't transferred it is all transferred through a hospitals internal network. The only time information is shared between hospitals is if the patient is admitted to a hospital outside of their provider and when this occurs the information is transferred using a high bit encryption (I know what number is, but I signed a NDA). As for the government, I also know that their EHR systems is highly customized and using high security measures then public hospitals. Paper systems were highly insecure as well, I mean you just had to go into a hospital and the records were usually in an unlocked room (witnessed this).

Contextualized user experiences are one of the key ideas of web2.0 interfaces. This translates into not presented users with irrelevant options. In EHRs, clinicians are provided with screens with 100's of checkboxes. This can be addressed by providing analytics that determine the 20 relevant checkboxes. It was in part to solve this issue we started MEDgle ( http://www.medgle.com/ [medgle.com] ) . At MEDgle, our focus is to enable scalable health by facilitating the distribution of care tasks to the most cost effective i

Good for employees (doctors etc who need the info) but there is still no way for veterans to see their own health records online.

For people with government insurance it is a positive trend, but for people dependent on private insurance there are privacy concerns. Who will insure you when your medical conditions are made public? What will it cost?